Awesome Open Source
Awesome Open Source


No Maintenance Intended Build Status

SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014.


This web-based application is being developed with three characteristics in mind:

  • Accessibility: We want everyone to be able to map out their infrastructures and generate security reports on any operating-system and on any browser.
  • Aesthetics: We're tired of clunky, boring interfaces - we want to bring the pizazz into threat-modeling.
  • Intuitive User-Experience: We hate manuals, and we want you to be able to use this software without one.

Please see for a live demo of the application.
There is also a video on Air Mozilla available at

Example Threat Model developed with SeaSponge

Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video:


See our Usage page in our Wiki for more details.



With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras


Please see our Contributing Guidelines


You may need to prefix commands with sudo

After forking and cloning the repository in the location of your choice run the following commands to install your Node.js and Bower dependencies.

On Debian and Ubuntu-based platforms, the nodejs-legacy package must be installed along with nodejs and npm using apt-get in order to fix a naming conflict that will otherwise prevent some packages from building and running correctly, as explained in [/usr/share/doc/nodejs/README.Debian] (

npm install
bower install


Once you have the application and dependencies installed you can start building the app.

# Previews the app on a local server
grunt serve

# Builds the application to dist/
grunt build


# Build docs to docs/
grunt docs

# Build docs and serve docs/ for web browser
grunt serve:docs


Please see the Development Guide


Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
coffeescript (1,480
mozilla (50